Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Problem: improve permission checking in a few messages #1256

Merged
merged 8 commits into from
Dec 11, 2023
Merged

Problem: improve permission checking in a few messages #1256

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e7267d4
Problem: improve permission checking in a few messages
yihuang Dec 11, 2023
bd8ca92
Update CHANGELOG.md
yihuang Dec 11, 2023
4436be6
fix unit test
yihuang Dec 11, 2023
06ed82b
fix error message
yihuang Dec 11, 2023
d668ba7
fix lint
yihuang Dec 11, 2023
1c33131
fix sim
mmsqe Dec 11, 2023
d7bd921
fix msg
mmsqe Dec 11, 2023
a30591f
Update x/cronos/keeper/msg_server.go
mmsqe Dec 11, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
- [#1216](https://github.com/crypto-org-chain/cronos/pull/1216) Update ethermint to fix of avoid redundant parse chainID from gensis when start server.
- [#1230](https://github.com/crypto-org-chain/cronos/pull/1230) Fix mem store in versiondb multistore.
- [#1233](https://github.com/crypto-org-chain/cronos/pull/1233) Re-emit logs in callback contract.
- [#1256](https://github.com/crypto-org-chain/cronos/pull/1256) Improve permission checkings for some messages.

### State Machine Breaking

Expand Down
54 changes: 0 additions & 54 deletions app/ante/ante.go
View file
Open in desktop

This file was deleted.

12 changes: 0 additions & 12 deletions app/ante/handler_options.go
View file
Open in desktop

This file was deleted.

7 changes: 0 additions & 7 deletions app/ante/interface.go
View file
Open in desktop

This file was deleted.

9 changes: 2 additions & 7 deletions app/app.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,6 @@ import (

memiavlstore "github.com/crypto-org-chain/cronos/store"
memiavlrootmulti "github.com/crypto-org-chain/cronos/store/rootmulti"
"github.com/crypto-org-chain/cronos/v2/app/ante"
"github.com/crypto-org-chain/cronos/v2/x/cronos"
cronosclient "github.com/crypto-org-chain/cronos/v2/x/cronos/client"
cronoskeeper "github.com/crypto-org-chain/cronos/v2/x/cronos/keeper"
Expand Down Expand Up @@ -936,7 +935,7 @@ func (app *App) setAnteHandler(txConfig client.TxConfig, maxGasWanted uint64, bl
blockedMap[string(addr)] = struct{}{}
}
blockAddressDecorator := NewBlockAddressesDecorator(blockedMap)
evmOptions := evmante.HandlerOptions{
options := evmante.HandlerOptions{
AccountKeeper: app.AccountKeeper,
BankKeeper: app.BankKeeper,
EvmKeeper: app.EvmKeeper,
Expand All @@ -954,12 +953,8 @@ func (app *App) setAnteHandler(txConfig client.TxConfig, maxGasWanted uint64, bl
},
ExtraDecorators: []sdk.AnteDecorator{blockAddressDecorator},
}
options := ante.HandlerOptions{
EvmOptions: evmOptions,
CronosKeeper: app.CronosKeeper,
}

anteHandler, err := ante.NewAnteHandler(options)
anteHandler, err := evmante.NewAnteHandler(options)
if err != nil {
return err
}
Expand Down
14 changes: 13 additions & 1 deletion x/cronos/keeper/msg_server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,12 @@
// UpdateTokenMapping implements the grpc method
func (k msgServer) UpdateTokenMapping(goCtx context.Context, msg *types.MsgUpdateTokenMapping) (*types.MsgUpdateTokenMappingResponse, error) {
ctx := sdk.UnwrapSDKContext(goCtx)

// check permission
if !k.Keeper.HasPermission(ctx, msg.GetSigners(), CanChangeTokenMapping) {
return nil, errors.Wrap(sdkerrors.ErrUnauthorized, "msg sender is not authorized")
}

Check warning on line 73 in x/cronos/keeper/msg_server.go

View check run for this annotation

Codecov / codecov/patch

x/cronos/keeper/msg_server.go#L69-L73 

Added lines #L69 - L73 were not covered by tests

// msg is already validated
if err := k.Keeper.RegisterOrUpdateTokenMapping(ctx, msg); err != nil {
return nil, err
Expand All @@ -76,6 +82,12 @@
// TurnBridge implements the grpc method
func (k msgServer) TurnBridge(goCtx context.Context, msg *types.MsgTurnBridge) (*types.MsgTurnBridgeResponse, error) {
ctx := sdk.UnwrapSDKContext(goCtx)

// check permission
if !k.Keeper.HasPermission(ctx, msg.GetSigners(), CanTurnBridge) {
return nil, errors.Wrap(sdkerrors.ErrUnauthorized, "msg sender is not authorized")
}

Check warning on line 89 in x/cronos/keeper/msg_server.go

View check run for this annotation

Codecov / codecov/patch

x/cronos/keeper/msg_server.go#L85-L89 

Added lines #L85 - L89 were not covered by tests

gravityParams := k.gravityKeeper.GetParams(ctx)
gravityParams.BridgeActive = msg.Enable
k.gravityKeeper.SetParams(ctx, gravityParams)
Expand All @@ -101,7 +113,7 @@
admin := k.Keeper.GetParams(ctx).CronosAdmin
// if admin is empty, no sender could be equal to it
if admin != msg.From {
return nil, errors.Wrap(sdkerrors.ErrInvalidAddress, "msg sender is authorized")
return nil, errors.Wrap(sdkerrors.ErrUnauthorized, "msg sender is not authorized")

Check warning on line 116 in x/cronos/keeper/msg_server.go

View check run for this annotation

Codecov / codecov/patch

x/cronos/keeper/msg_server.go#L116 

Added line #L116 was not covered by tests
}
acc, err := sdk.AccAddressFromBech32(msg.Address)
if err != nil {
Expand Down
16 changes: 12 additions & 4 deletions x/cronos/keeper/permissions.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,21 @@
}

// HasPermission check if an account has a specific permission. by default cronos admin has all permissions
func (k Keeper) HasPermission(ctx sdk.Context, account sdk.AccAddress, permissionsToCheck uint64) bool {
func (k Keeper) HasPermission(ctx sdk.Context, accounts []sdk.AccAddress, permissionsToCheck uint64) bool {
mmsqe marked this conversation as resolved.
Show resolved Hide resolved
// case when no permission is needed
if permissionsToCheck == 0 {
return true
}
admin := k.GetParams(ctx).CronosAdmin
permission := k.GetPermissions(ctx, account)
mask := permission & permissionsToCheck
return (admin == account.String()) || (mask == permissionsToCheck)
for _, account := range accounts {
if admin == account.String() {
return true
}

Check warning on line 40 in x/cronos/keeper/permissions.go

View check run for this annotation

Codecov / codecov/patch

x/cronos/keeper/permissions.go#L39-L40 

Added lines #L39 - L40 were not covered by tests
permission := k.GetPermissions(ctx, account)
if permission&permissionsToCheck == permissionsToCheck {
return true
}
}

return false
}
8 changes: 4 additions & 4 deletions x/cronos/keeper/permissions_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,23 +41,23 @@ func (suite *KeeperTestSuite) TestHasPermissions() {
priv, err := ethsecp256k1.GenerateKey()
suite.Require().NoError(err)
address := common.BytesToAddress(priv.PubKey().Address().Bytes())
cosmosAddress := sdk.AccAddress(address.Bytes())
cosmosAddress := []sdk.AccAddress{sdk.AccAddress(address.Bytes())}

suite.Require().Equal(true, keeper.HasPermission(suite.ctx, cosmosAddress, 0))
suite.Require().Equal(true, keeper.HasPermission(suite.ctx, cosmosAddress, 0))
mmsqe marked this conversation as resolved.
Show resolved Hide resolved

suite.Require().Equal(false, keeper.HasPermission(suite.ctx, cosmosAddress, CanChangeTokenMapping))
suite.Require().Equal(false, keeper.HasPermission(suite.ctx, cosmosAddress, CanTurnBridge))

keeper.SetPermissions(suite.ctx, cosmosAddress, CanChangeTokenMapping)
keeper.SetPermissions(suite.ctx, cosmosAddress[0], CanChangeTokenMapping)
suite.Require().Equal(true, keeper.HasPermission(suite.ctx, cosmosAddress, CanChangeTokenMapping))
suite.Require().Equal(false, keeper.HasPermission(suite.ctx, cosmosAddress, CanTurnBridge))

keeper.SetPermissions(suite.ctx, cosmosAddress, CanTurnBridge)
keeper.SetPermissions(suite.ctx, cosmosAddress[0], CanTurnBridge)
suite.Require().Equal(false, keeper.HasPermission(suite.ctx, cosmosAddress, CanChangeTokenMapping))
suite.Require().Equal(true, keeper.HasPermission(suite.ctx, cosmosAddress, CanTurnBridge))

keeper.SetPermissions(suite.ctx, cosmosAddress, All)
keeper.SetPermissions(suite.ctx, cosmosAddress[0], All)
suite.Require().Equal(true, keeper.HasPermission(suite.ctx, cosmosAddress, CanChangeTokenMapping))
suite.Require().Equal(true, keeper.HasPermission(suite.ctx, cosmosAddress, CanTurnBridge))
}
2 changes: 1 addition & 1 deletion x/cronos/simulation/operations.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@
}

oper, ops, err := simulation.GenAndDeliverTxWithRandFees(txCtx)
if simAccount.Address.String() != cronosAdmin && errors.Is(err, errorsmod.Wrap(sdkerrors.ErrInvalidAddress, "msg sender is authorized")) {
if simAccount.Address.String() != cronosAdmin && errors.Is(err, errorsmod.Wrap(sdkerrors.ErrUnauthorized, "msg sender is not authorized")) {

Check warning on line 94 in x/cronos/simulation/operations.go

View check run for this annotation

Codecov / codecov/patch

x/cronos/simulation/operations.go#L94 

Added line #L94 was not covered by tests
return simtypes.NoOpMsg(types.ModuleName, msg.Type(), "unauthorized tx should fail"), nil, nil
}
return oper, ops, err
Expand Down
Loading